Get2
Get2 is a downloader written in C++ that has been used by TA505 to deliver FlawedGrace, FlawedAmmyy, Snatch and SDBbot.[1]
ID: S0460
ⓘ
Type: MALWARE
ⓘ
Platforms: Windows
Version: 1.0
Created: 29 May 2020
Last Modified: 16 June 2020
Techniques Used
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Enterprise | T1059 | 命令与脚本解释器 |
Get2 has the ability to run executables with command-line arguments.[1] |
|
| Enterprise | T1071 | .001 | 应用层协议: Web Protocols |
Get2 has the ability to use HTTP to send information collected from an infected host to C2.[1] |
| Enterprise | T1082 | 系统信息发现 |
Get2 has the ability to identify the computer name and Windows version of an infected host.[1] |
|
| Enterprise | T1033 | 系统所有者/用户发现 |
Get2 has the ability to identify the current username of an infected host.[1] |
|
| Enterprise | T1057 | 进程发现 |
Get2 has the ability to identify running processes on an infected host.[1] |
|
| Enterprise | T1055 | .001 | 进程注入: Dynamic-link Library Injection | |